blob: cee586c13bb0d4b9e9e8e33e011f1cb8c562457d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
|
(use-modules (webid-oidc client-manifest)
(webid-oidc cache)
(webid-oidc testing)
(webid-oidc errors)
(web uri)
(srfi srfi-19)
(web response)
(ice-9 optargs)
(ice-9 receive))
(with-test-environment
"client-manifest"
(lambda ()
(define what-to-respond
(build-response #:headers '((content-type text/turtle))))
(define what-to-respond-body
"@prefix solid: <http://www.w3.org/ns/solid/terms#> .
<#app> solid:oidcRegistration \"\"\"{
\"client_id\" : \"https://app.example.com/id#app\",
\"redirect_uris\" : [\"https://app.example.com/callback\"],
\"client_name\" : \"Solid Application Name\",
\"client_uri\" : \"https://app.example.com/\",
\"logo_uri\" : \"https://app.example.com/logo.png\",
\"tos_uri\" : \"https://app.example.com/tos.html\",
\"scope\" : \"openid profile offline_access\",
\"grant_types\" : [\"refresh_token\",\"authorization_code\"],
\"response_types\" : [\"code\"],
\"default_max_age\" : 60000,
\"require_auth_time\" : true
}\"\"\" .
")
(define* (respond uri #:key (headers '()))
(unless (equal? headers '((accept (text/turtle))))
(exit 1))
(when (string? uri)
(set! uri (string->uri uri)))
(unless (equal? uri
(string->uri "https://app.example.com/id#app"))
(exit 2))
(values what-to-respond what-to-respond-body))
(define current-time 0)
(define cache-http-get
(with-cache
#:current-time
(lambda ()
(make-time time-utc 0 current-time))
#:http-get respond))
(define mf
(get-client-manifest
(string->uri "https://app.example.com/id#app")
#:http-get cache-http-get))
(define id (client-manifest-client-id mf))
(unless (equal? id (string->uri "https://app.example.com/id#app"))
(exit 3))
(unless (client-manifest-check-redirect-uri mf "https://app.example.com/callback")
(exit 4))
(with-exception-handler
(lambda (error)
(unless ((record-predicate &unauthorized-redirection-uri) error)
(exit 5)))
(lambda ()
(client-manifest-check-redirect-uri mf "https://fraudulent-app.example.com/callback")
(exit 55))
#:unwind? #t
#:unwind-for-type &unauthorized-redirection-uri)
(receive (response response-body)
(serve-client-manifest
(time-utc->date (make-time time-utc 0 3600))
mf)
(unless (equal? (response-content-type response) '(text/turtle))
(exit 6))
(set! what-to-respond response)
(set! what-to-respond-body response-body)
(set! current-time 10)
(let ((re-parsed (get-client-manifest
(string->uri "https://app.example.com/id#app")
#:http-get cache-http-get)))
(map (lambda (key)
(unless (equal? (assq-ref mf key)
(assq-ref re-parsed key))
(exit 9)))
'(client_id redirect_uris client_name client_uri
logo_uri tos_uri scope grant_types response_types
default_max_age require_auth_time))))))
|